VulnDB return to top

Know Your

Vulnerabilities

Before They Are Used

Against You

Download Our Latest Report

Risk Based Security publishes Vulnerability Intelligence Reports that provide a Quick View into vulnerability trends, using charts and graphs to summarize the most recently reported vulnerabilities

About VulnDB

VulnDB is the most comprehensive and timely vulnerability intelligence available and provides actionable information about the latest in security vulnerabilities via an easy-to-use SaaS Portal, or a RESTful API that allows easy integration into GRC tools and ticketing systems.

VulnDB allows organizations to search and be alerted on the latest vulnerabilities, both in end-user software and the 3rd Party Libraries or dependencies.

A subscription to VulnDB provides organizations with simple to understand ratings and metrics on their vendors and products, and how each contributes to the organization’s risk-profile and cost of ownership.

About Section Sketch Design

Comprehensive Vulnerability Intelligence


Vulnerability source information, extensive references, links to Proof of Concept code and solutions

Disclosure timeline, researcher & other vulnerability metadata

Full mapping to CVE

Identified and cataloged over 100,893 vulnerabilities not found in CVE/NVD

Vulnerability Alerting Without Scanning


RESTful API provides access to raw vulnerability data

Vulnerabilities identified without having to scan your network by mapping to your assets

Real time alerting and threat modeling

Integrate vulnerability intelligence into your existing tools or workflow

Leverage existing GRC, ITIL, Asset Management/CMDB or SIEM products

Vendor and Product Risk Ratings


Proprietary Vulnerability Timeline and Exposure Metrics (VTEM)

Determine which products and vendors are putting your organization at risk, including how quickly they respond to researchers and provide patches

Extended classification system and our own CVSS scores

Extensive historical data, for a full picture of a vendor or product

Ability to compare vendor and products

Cost of Ownership Analysis

Product Chart mockup

3rd Party Libraries


Over 2,000 software libraries identified

Comprehensive insight on vulnerabilities in 3rd Party Libraries used in products and software development

Single source of information to monitor each library to ensure that newly disclosed vulnerabilities are addressed

Metrics provide the ability to evaluate and select the best third-party libraries

Connectors & Integrations


Easily link VulnDB with existing IT tools and security software at your organization

Automatic identification of dependencies/libraries that are used by development teams

Faster setup to monitor products for vulnerability alerts

Easily map your critical assets to vulnerabilities in your Asset Management systems

Numerous options including Github, Slack, RSA Archer, Splunk and more!

Application Framework


Ability to group products and dependencies used by applications or projects

Track and alert on vulnerabilities for applications

Track the various open source licenses by dependency

Connect to Github or upload a dependency file to automatically create an Application

Multiple languages supported including .NET, Java, JavaScript, PHP, Python and Ruby

Vulnerability Statistics

VulnDB is derived from a proprietary search engine and the thorough analysis of thousands of disclosed
vulnerabilities by our world-renowned research team.

Vulnerabilities YTD 2023

Vulnerabilities Missing From CVE

Vulnerabilities All Time

Vendors Monitored

VulnDB Features

VulnDB is derived from a proprietary search engine and the thorough analysis of thousands
of disclosed vulnerabilities by our world-renowned research team.

Comprehensive Intelligence & 3rd Party Libraries

Over 332,481 vulnerabilities, covering products of 35,898 vendors, including vulnerabilities not found in CVE/NVD, making VulnDB the most comprehensive solution on the market. Over 2,000 3rd Party Libraries have been identified and monitored for vulnerabilities.

RESTful API

Access provided to raw data via our API for integration into your existing tools or workflow such as GRC tools such as Archer, ITIL ticketing tool, Asset Management/CMDB, SIEM or internally developed products.

VTEM Metrics & Historical Data

Proprietary VTEM metrics and historical vulnerability data provide a complete picture, helping to determine if a product is secure and if the vendor responds to security issues appropriately.

Vulnerability Metadata

Each vulnerability contains an extended classification system and our own CVSS metrics provides ratings for remediation and prioritization.

Procurement & Vendor Selection

Support procurement and vendor selection processes by using ratings enabling organizations to reduce the likelihood of a data breach due to insecure products.

Email Alerting & Logging

Ability to configure email alerts by Vendor, Product of Search Criteria to be sent to users or group when a vulnerability is disclosed or updated.

Cost of Ownership

VulnDB provides details on average disclosure dates and analysis to help IT organizations understand the amount of money required to keep a product secure through repeating patching.

Reporting

Custom reports can be run or scheduled to show vulnerability trends, organization activity, or to get a better understanding of the vendors and products in use.

Research Team

Our world-renowned research team performs further in-depth analysis of select vulnerabilities to provide customers with the most detailed information available on cause and impact.

Vulnerability Experts

VulnDB is provided by the former maintainers of the OSVDB project. Our leadership team has been at the forefront of vulnerability research for over a decade, we have two members of the CVE Editorial Board and we are on the FIRST SIG for CVSS and VRDX.

Trusted By Organizations Around The World

Risk Based Security is honored to serve the vulnerability and cyber risk intelligence needs of organizations both large and small across a broad array of industries. Our clients include cyber insurance companies and brokers, automobile manufacturers, banks and credit unions, software developers, security solution providers, health care providers, life sciences and other technology service and product companies.

Request Free Demo & Evaluation Account

See for yourself how VulnDB is the premiere solution for all your vulnerability intelligence needs, saving you time by identifying the most critical issues to patch, providing vendor and product ratings as well as insight into 3rd Party Library weaknesses.